Cisco Closed Remote Code Execution & DoS Vulnerability in Security Appliances
Giant of networking equipment manufacturer CISCO warning of a critical vulnerability in its ASA 5500 Series Adaptive Security Appliances (ASA). An unauthenticated attacker can remotely execute arbitrary code and compromise a victim's system. The problem is located in a Cisco port forwarding ActiveX control – distributed to client systems by ASA as part of the Clientless VPN feature – that can be used to cause a buffer overflow attack. Versions 7.1 and 7.2, as well as 8.0 to 8.6 of the Cisco ASA software are affected. Cisco has contacted Microsoft and requested that it set a global kill bit for the vulnerable control in a future update, which will disable the exploitable control on affected systems. The company has released software updates that address the issue; for those who can't yet upgrade, workarounds are provided in the Cisco security advisory. In their security updates CISCO also closes the denial of service hole in ASA 5500 Series appliances and the Catalyst 6500 Series ASA Services Module (ASASM).
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
NEWS
,
security-news
,
technews
,
vulnerablity